What I have here is piece of code that takes the information of two columns, ‘WriteSecurity’ and ‘ReadSecurity’ and sets Contribute and Read permissions respectively on a document library item. This allows the user to choose security for the document that they create/upload at the time of their create/upload.

It is a feature that overrides the ItemUpdating and ItemUpdated events in a site collection. The feature first looks for the columns, WriteSecurity and ReadSecurity; if it does not find both of them, it ignores the rest of the process and continues as normal. If it does find them both, it will check for data within those columns; if no data is present, the method will have the item inherit permissions from its containing library. If it finds that only the ReadSecurity column is filled, it will throw an error saying that Read without Write permissions are not allowed. Otherwise the process will cycle through the users/groups specified and assign the appropriate permissions. All of this is done with elevated permissions, but the ‘Modified By’ column will be that of the calling user.

I’ve spent a lot of time on this code, but I was not a C# programmer when I started and I knew nothing of SharePoint event receivers and code-based modification. That said, this has worked in two environments. I would imagine, however, that an experienced programmer/SharePoint Guru, would identify my messy bits and suggest better approaches (please do!) especially with my method of extracting user IDs from the security columns, and the way I repeat the code for the Write and Read bits.

This has been designed to work with Document Libraries. As said before, the feature looks for the columns ‘WriteSecurity’ and ‘ReadSecurity’ with no spaces – at least, the columns in the library should be created that way; you can rename after. And I believe that this may not work if your user’s domain starts with a number…

For those who are like I was when I first created this, he’s the summarised approach to take:

Using Visual Studio, create a C# Class Library Project

Add a reference to Windows SharePoint Services

Rename the class to SetPermissionsEventhandler

Copy the C# code into the project

Sign the project with a strong key

Build it

Drag the resulting DLL from the project’s bin folder into the c:\windows\assembly folder on the SharePoint server.

<Feature Scope="Web"
Title="Set Permissions Event Handler"
Description="This feature takes the People and Groups identified in the 'Write Security' and 'Read Security' columns in Document Libraries and applies the relevant permissions to each item when it is edited. If the item is checked-out, the permissions will not be applied until the item is checked back in. To enable this feature's functionality in a Document Library, 'Person or Group' columns must be created with the names, WriteSecurity and ReadSecurity (with no spaces); they can be renamed thereafter."
Id="CREATEANEWGUIDANDPUTITHERE"
xmlns="http://schemas.microsoft.com/sharepoint/">
<ElementManifests>
<ElementManifest Location="Elements.xml"/>
</ElementManifests>
</Feature>